The intrinsic standardized property of an XML document provides a convenient way to carry out data exchanges between heterogeneous platforms among organizations via the Internet. The Internet is a public network, and traditionally there has been little protection against unauthorized access to sensitive information, and attacks. Although the W3C proposed the XQuery language [3], which is designed to be broadly applicable across all types of XML data sources, this language does not provide a security mechanism in its query expressions. In this paper, we propose a new XML query language, called the secure XNIL Query (sXQuery) language. sXQuery is derived from XQuery, and reinforced with a security mechanism; sXQuery combines the specification ability of both the XQuery language and the document security language which is designed to specify the scope and encryption details of XML [9, 11]. The user can specify the query and corresponding encryption details at the same time, that is, in the same sXQuery We have designed an sXQuery editor which enables users to generate sXQuery documents without having to write sXQuery source codes directly. Also, we present a scheme to implement an sXQuery engine by using the existing XQuery engine.

• 出版日期2008-11
• 单位东华大学